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This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims 

1. (Currently amended) A method for implementing security features at a portal server, 
comprising: 

receiving a first request from a client; 

in response to receiving the first request, authenticating the client; 

consulting a database to determine access privileges of the authenticated client for 
interactions with a plurality of applications, wherein the applications are located at backend 
servers; 

generating code containing selectable interactions with the applications, wherein any 
authentication for the selectable interactions can b e is performed within the portal server; and 
sending the code to the client. 

2. (Original) The method of claim 1 , further comprising: 

responsive to sending the code to the client, receiving a second request fi-om the client, 
wherein the second request contains a selection of at least one of the selectable interactions; 
determining from the selection a set of backend servers to process the second request; 
forwarding the second request to the set of backend servers; 

receiving results corresponding to the request firom applications executing on the backend 
servers; and 

sending the results to the cUent. 

3. (Original) The method of claim 2, wherein sending the resuUs to the client further 
comprises: 

generating further selectable interactions; and 

sending the further selectable interactions with the results to the client. 

4. (Original) The method of claim 1, wherein the portal server is a Web server and the 
portal server comprises a portal application. 
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5. (Original) The method of claim 1, wherein the database comprises a plurality of 
generic objects, wherein each generic object contains the access privileges related to a user for 
the elements of the plurality of applications. 

6. (Original) The method of claim 5, wherein the access privileges indicate write 

access. 

7. (Original) The method of claim 5, wherein the database is in the form of a table. 

8. (Original) The method of claim 1 wherein the code is in a form that can be rendered 
into a Web page. 

9. (Original) The method of claim 8, wherein the form of the code is comprised of 
active code, wherein the active code can be executed on the client. 



10. (Currently amended) The method of claim 1, wherein the selectable interactions 
correspond to operations within the applications and resources related to the applications, and 
wherein the applications, the operations within the apphcations, and the resources related to the 
applications are displaved on a single Web page . 

11. (Original) The method of claim 1, wherein the selectable interactions correspond to 
resources related to the applications. 

12. (Original) The method of claim 11, wherein the resources are selected from the 
group consisting of multimedia content, objects, files, attributes of objects, program elements, 
database objects, table entries. 

13. (Currently amended) A method at a backend system for securely making available a 
backend application, comprising: 

creating data structures corresponding to interactions with the backend application; 
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associating privileges for each of the data structures, wherein the privileges can b e are 
fully checked at a portal application separately hosted from the backend application; 

receivin g, at the backend application, a request from the portal application for reading the 
data structures; and 

sendin g, from the backend application, the data structures to the portal application. 

14. (Currently amended) The method of claim 13, further comprising: 
receiving a request for an interaction with the backend application from the portal 

application; 

processing the request without checking for the privileges; and 

sending the results of processing the request to the portal s e rv e r a pplication . 

15. (Original) The method of claim 13, wherein the data structures are data objects. 

16. (Original) The method of claim 13, wherein a representation of the data structure is 
from the group consisting of a relational database, an XML document and a class. 

17. (Currently amended) The method of claim 13, wherein the interactions are 
operations that can be performed on the backend application and on resources related to the 
backend application, and wherein the backend application, the operations that can be performed 
on the backend application, and the resources related to the backend application are displaved on 
a single Web page on a client . 

18. (Currently amended) The method of claim 13, wherein the interactions relate to 
resources associated with the background backend application. 

19. (Original) A method for accessing a group of applications at a client computer 
comprising: 

authenticating with a portal server; 
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receiving a list of applications and interactions that can be performed with the 
applications from the portal server, wherein the applications are stored at backend servers that 
are different from the portal server; 

selecting an interaction; and 

receiving results based on the selection of the interaction without authenticating with the 
backend servers. 

20. (Currently amended) The method of claim 19, wherein receiving the results further 
comprises receiving a set of further interactions selectable by the client computer, wherein the 
portal server performs all necessary authentications of the client computer, and wherein the 
backend servers avoid any authentication of the client computer . 

21. (Original) The method of claim 19, wherein authenticating, receiving the Ust, 
selecting, and receiving results are at a Web browser. 

22. (Currently amended) A system for implementing security features, comprising: 
a portal server; 

means for receiving a first request from a client at the portal server; 

means for authenticating the client, in response to receiving the first request; 

means for consulting a database to determine access privileges of the authenticated client 
for interactions with a plurality of applications, wherein the applications are located at backend 
servers; 

means for generating code containing selectable interactions with the applications, 
wherein any authentication for the selectable interactions con b e is performed within the portal 
server; and 

means for sending the code to the client. 

23. (Original) The system of claim 22, further comprising: 

means for receiving a second request from the client in response to sending the code to 
the client, wherein the second request contains a selection of at least one of the selectable 
interactions; 
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means for determining from the selection a set of backend servers to process the second 
request; 

means for forwarding the second request to the set of backend servers; 
means for receiving results corresponding to the request from applications executing on 
the backend servers; and 

means for sending the resuhs to the chent. 

24. (Original) The system of claim 23, wherein the means for sending the results to the 
client fiirther performs: 

generating fiirther selectable interactions; and 

sending the further selectable interactions with the results to the client. 

25. (Currently amended) The system of claim 22, wherein the database comprises a 
plurality of generic objects, wherein each generic object contains the access privileges related to 
a user for the elements of the plurality of application s, wherein the database is in the form of a 
table, wherein the selectable interactions correspond to operations within the applications and 
resources related to the applications, and wherein the applications, the operations within the 
a pplications, and the resources related to the applications are displayed on a single Web page . 

26. (Currently amended) A system for securely making available a backend 
application, comprising: 

a backend system hosting the backend application; 

means for creating data structures at the backend system corresponding to interactions 
with the backend application; 

means for associating privileges for each of the data structures, wherein the privileges em 
he are fully checked at a portal application separately hosted from the backend application; 

means for receivin g, at the backend appUcation, a request from the portal application for 
reading the data structures; and 

means for sendin g, from the backend application, the data structures to the portal 
application. 
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27. (Currently amended) The system of claim 26, further comprising: 

means for receiving a request for an interaction with the backend application from the 
portal application; 

means for processing the request without checking for the privileges; and 

means for sending the results of processing the request to the portal s e rvor application . 

28. (Original) A system for accessing a group of apphcations comprising: 
a client computer; 

means for authenticating with a portal server from the client computer; 

means for receiving a list of applications and interactions that can be performed with the 
applications from the portal server, wherein the applications are stored at backend servers that 
are different from the portal server; 

means for selecting an interaction; and 

means for receiving results based on the selection of the interaction without 
authenticating with the backend servers, 

29. (Currently amended) The system of claim 28, wherein the means for receiving 
the results ftirther performs receiving a set of ftirther interactions selectable by the client 
computer, wherein the portal server performs all necessary authentications of the client 
computer, and wherein the backend servers avoid anv authentication of the client computer . 

30. (Currently amended) An article of manufacture including code for implementing 
security features at a portal server, wherein the code is capable of causing operations, the 
operations comprising: 

receiving a first request from a client; 

in response to receiving the first request, authenticating the client; 

consulting a database to determine access privileges of the authenticated client for 
interactions with a plurality of applications, wherein the applications are located at backend 
servers; 

generating code containing selectable interactions with the applications, wherein any 
authentication for the selectable interactions con b e is performed within the portal server; and 
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sending the code to the client. 

31. (Original) The article of manufacture of claim 30, further comprising: 
responsive to sending the code to the client, receiving a second request from the client, 

wherein the second request contains a selection of at least one of the selectable interactions; 
determining from the selection a set of backend servers to process the second request; 
forwarding the second request to the set of backend servers; 

receiving results corresponding to the request from applications executing on the backend 
servers; and 

sending the results to the client. 

32. (Original) The article of manufacture of claim 31, wherein sending the resuhs to the 
client further comprises: 

generating further selectable interactions; and 

sending the further selectable interactions with the resuhs to the chent. 

33. (Original) The article of manufacture of claim 30, wherein the portal server is a Web 
server and the portal server comprises a portal application. 

34. (Original) The article of manufacture of claim 30, wherein the database comprises a 
plurality of generic objects, wherein each generic object contains the access privileges related to 
a user for the elements of the plurality of applications. 

35. (Original) The article of manufacture of claim 34, wherein the access privileges 
indicate write access. 

36. (Original) The article of manufacture of claim 34, wherein the database is in the 
form of a table. 

37. (Original) The article of manufacture of claim 30 wherein the code is in a form that 
can be rendered into a Web page. 
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38. (Original) The article of manufacture of claim 37, wherein the form of the code is 
comprised of active code, wherein the active code can be executed on the client. 

39. (Currently amended) The article of manufacture of claim 30, wherein the 
selectable interactions correspond to operations within the applications and resources related to 
the apphcations, and wherein the applications, the operations within the appUcations, and the 
resources related to the applications are displayed on a single Web page . 

40. (Original) The article of manufacture of claim 30, wherein the selectable interactions 
correspond to resources related to the applications. 

41. (Original) The article of manufacture of claim 40, wherein the resources are selected 
from the group consisting of multimedia content, objects, files, attributes of objects, program 
elements, database objects, table entries. 

42. (Currently amended) An article of manufacture, including code for securely 
making available a backend appUcation at a backend system, wherein the code is capable of 
causing operations, the operations comprising: 

creating data structures corresponding to interactions with the backend application; 

associating privileges for each of the data structures, wherein the privileges can b e are 
fully checked at a portal application separately hosted from the backend application; 

receivin g, at the backend application, a request from the portal application for reading 
the data structures; and 

sendin g, from the backend application, the data structures to the portal application. 

43. (Currently amended) The article of manufacture of claim 42, further comprising: 
receiving a request for an interaction with the backend application from the portal 

application; 

processing the request without checking for the privileges; and 

sending the results of processing the request to the portal se rv e r a pplication . 
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44. (Original) The article of manufacture of claim 42, wherein the data structures are 
data objects. 

45. (Original) The article of manufacture of claim 42, wherein a representation of the 
data structure is from the group consisting of a relational database, an XML docimient and a 
class. 

46. (Currently amended) The article of manufacture of claim 42, wherein the 
interactions are operations that can be performed on the backend application and on resources 
related to the backend application, and wherein the backend application, the operations that can 
be performed on the backend application, and the resources related to the backend application 
are displayed on a single Web page on a cUent . 

47. (Currently amended) The article of manufacture of claim 42, wherein the interactions 
relate to resources associated with the background backend application. 

48. (Original) An article of manufacture, including code for accessing a group of 
applications at a client computer, wherein the code is capable of causing operations, the 
operations comprising: 

authenticating with a portal server; 

receiving a list of applications and interactions that can be performed with the 
applications from the portal server, wherein the applications are stored at backend servers that 
are different from the portal server; 

selecting an interaction; and 

receiving results based on the selection of the interaction without authenticating with the 
backend servers. 

49. (Currently amended) The article of manufacture of claim 48, wherein receiving the 
results further comprises receiving a set of further interactions selectable by the client computer. 



Page 10 of 21 



Amdt. dated September 9, 2005 
Reply to Office action of 6/9/2005 



Serial No. 10/090,556 
Docket No. SJO920010066US1 
Firm No. 0037.0017 



wherein the portal server performs all necessary authentications of the client computen and 
wherein the backend servers avoid any authentication of the client computer . 

50. (Original) The article of manufacture of claim 48, wherein authenticating, receiving 
the list, selecting, and receiving results are at a Web browser. 
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